astro-expert
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its architecture for processing untrusted data.
- Ingestion points: The skill is designed to ingest and review user-provided code snippets for Astro development (SKILL.md).
- Boundary markers: There are no explicit boundary markers or instructions defined to prevent the agent from following malicious instructions embedded within the code it reviews.
- Capability inventory: The skill has access to high-privilege tools including
Bash,Write,Edit,Read,Grep, andGlob(defined in YAML frontmatter). - Sanitization: No sanitization or validation of external code content is performed before interpolation into the agent's context.
Audit Metadata